Critical SSRF Vulnerability Exposes Open WebUI Instances (CVE-2025-65958)

Overview

A high-severity Server-Side Request Forgery (SSRF) vulnerability has been discovered in Open WebUI, a self-hosted artificial intelligence platform designed for offline operation. This vulnerability, identified as CVE-2025-65958, allows any authenticated user to force the server to make HTTP requests to arbitrary URLs. This poses a significant risk to the confidentiality and integrity of systems interacting with Open WebUI.

Technical Details

Open WebUI versions prior to 0.6.37 are susceptible to this SSRF vulnerability. The flaw stems from insufficient validation of user-supplied input that is used to build outbound HTTP requests. An authenticated user can manipulate this input to construct URLs that the Open WebUI server will then fetch on their behalf. This effectively turns the Open WebUI server into a proxy, enabling the attacker to reach destinations that would normally be restricted to the server itself.
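One way to close this class of bug at the fetch boundary, as an added example (a hypothetical helper written for this page, not Open WebUI's own code or its actual fix): validate the user-supplied URL by scheme and by the addresses the host actually resolves to, rejecting anything non-public, including the 169.254.169.254 cloud metadata address and names that resolve to internal ranges. The `resolve` callback and the DNS table below are constructed so the check runs offline.

```python
from __future__ import annotations

import ipaddress
from urllib.parse import urlsplit

# Hypothetical SSRF guard (not Open WebUI's code). Checks the *resolved*
# addresses rather than the hostname string, so "localhost", IPv4-mapped
# IPv6 literals and names pointing at internal ranges are all caught.


def _is_public_ip(ip: ipaddress.IPv4Address | ipaddress.IPv6Address) -> bool:
    # Unwrap ::ffff:a.b.c.d so the IPv4 rules apply to it.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    # is_global is False for loopback, private, link-local (169.254/16),
    # reserved and unspecified addresses; multicast is excluded separately.
    return ip.is_global and not ip.is_multicast


def validate_outbound_url(url: str, resolve) -> tuple[bool, str]:
    """Return (allowed, reason). `resolve(host)` returns a list of IP strings."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, f"scheme not allowed: {parts.scheme!r}"
    host = parts.hostname
    if not host:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "credentials in URL not allowed"
    try:
        addrs = [ipaddress.ip_address(a) for a in resolve(host)]
    except (ValueError, OSError) as exc:
        return False, f"resolution failed: {exc}"
    if not addrs:
        return False, "host did not resolve"
    # Every address must be public: a name with one public and one internal
    # record is rejected rather than trusting the first answer.
    for ip in addrs:
        if not _is_public_ip(ip):
            return False, f"{host} resolves to non-public address {ip}"
    return True, "ok"


# Constructed stand-in for DNS so the example runs offline.
CONSTRUCTED_DNS = {
    "example.org": ["93.184.216.34"],
    "metadata.internal": ["169.254.169.254"],
    "rebind.example": ["93.184.216.34", "10.0.0.5"],
    "localhost": ["127.0.0.1"],
}


def constructed_resolve(host: str) -> list[str]:
    try:
        return [str(ipaddress.ip_address(host))]  # literal IP: no lookup
    except ValueError:
        return CONSTRUCTED_DNS.get(host, [])
```

In a real deployment the resolver would wrap `socket.getaddrinfo`, and the fetch must connect to the validated address rather than re-resolving the name.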

CVSS Analysis

  • CVE ID: CVE-2025-65958
  • Severity: HIGH
  • CVSS Score: 8.5

A CVSS score of 8.5 indicates a high-severity vulnerability. The exploitability is high, and the impact on confidentiality, integrity, and availability is significant. This requires immediate attention and remediation.

Possible Impact

The SSRF vulnerability in Open WebUI can lead to several critical security breaches:

  • Cloud Metadata Access: Attackers can access cloud metadata endpoints (AWS/GCP/Azure), potentially revealing sensitive information such as API keys, secret keys, and instance roles.
  • Internal Network Scanning: The server can be used to scan internal networks, identifying vulnerable services and hosts that are otherwise protected by firewalls.
  • Access to Internal Services: Attackers can access internal services behind firewalls, bypassing security controls and potentially gaining unauthorized access to sensitive data.
  • Sensitive Information Exfiltration: The server can be used to exfiltrate sensitive data to attacker-controlled servers.

Mitigation or Patch Steps

The vulnerability is fixed in Open WebUI version 0.6.37. The recommended mitigation is to upgrade Open WebUI to version 0.6.37 or later immediately.

Steps to upgrade:

  1. Follow the official Open WebUI upgrade instructions provided by the developers. Refer to the project’s documentation on GitHub for detailed upgrade procedures.
  2. Verify the upgrade process after completion to ensure the application is running the patched version.
  3. Restart the Open WebUI service after the upgrade is complete.

Cybersecurity specialist and founder of Gowri Shankar Infosec - a professional blog dedicated to sharing actionable insights on cybersecurity, data protection, server administration, and compliance frameworks including SOC 2, PCI DSS, and GDPR.